Advisory

Failure to take a proactive approach to information risk management is leaving many organisations vulnerable, with potentially devastating consequences.

With our plan in hand, you will be well-equipped to achieve full adherence to the ISO standards, as well as maintain a defendable, risk-management-based security posture in the face of a constantly changing regulatory, customer, and threat environment.

Wolfpack will partner with you to build a solid, business-aligned security strategy, thereby improving your organisation’s cyber risk management.

 

“There has been an explosion in both the frequency and severity of cyber attacks. Executives should be thinking about the legal and managerial decisions they will need to make in this type of crisis situation.”

Assess

Health Check

Stakeholder Engagement – Setting the scene


image004


Firstly, an information risk workshop will be conducted with key stakeholders in the organisation. This will serve to highlight major threats facing the organisation, to reinforce the importance of information risk management and ensure all stakeholder teams understand their roles and responsibilities in the upcoming assessment. Additionally, it will improve the accuracy of responses from all applicable sections within scope of the assessment and encourage open dialogue in order to highlight all major vulnerabilities within the organisation.


Determine the Current State

Conduct an Information Risk Assessment


The intention of our proposal is to review your current capability, in order to provide assurance to senior management that relevant Information Risk requirements are being managed effectively. We will determine the maturity of your Information Risk capability through the review of existing Information Security, IT Governance and Privacy processes. We propose performing an assessment against a consolidated set of baseline controls from a range of best practices, international standards and legal requirements.


It is recommended that the assessment includes members from Strategic (C-Level), Management and Operational levels to ensure the correct balance of IT governance, business continuity, information security, privacy and cyber security controls are in place.

Conduct a Cyber Risk Analysis


image009

Simulated threats include:

  • Network and port scanning.
  • Suspicious database activity.
  • Scans against web services.
  • Brute force attacks.
  • Open Source Intelligence (OSINT) gathering.
  • Other simulations.

Define a Priority Roadmap – Determine the Optimal State


The information risk assessment and cyber risk analysis results will be reviewed in consultation with management. A priority roadmap will be established to address high impact risks.

image011


The following will be considered as part of the risk impact rating scale:

  • Business operations impact. The potential negative impact on the achievement of the objectives of the Organisation.
  • Financial impact. The potential financial loss that could be suffered by the Organisation as a result of the risk materialising.
  • Reputational impact. The potential negative impact on the reputation / image / credibility of the Organisation.
  • National impact. The potential negative impact on the critical information infrastructure of the Country.

Improve

Remediation Phase


image013


We provide a combination of managed services, “battle-hardened” methodologies as well as training and awareness. We thereby help to correct vulnerabilities and speed up the implementation of ISMS deliverables. We maintain the project’s momentum and foster cross-skilling within all applicable sectors of the organisation.

“There’s no silver bullet solution with cybersecurity – a layered defence covering the full spectrum of prevention, detection, incident response and business resilience is the only viable option.”

Establish an Information Risk Management Framework


The information risk management framework provides an interactive dashboard. It ensures that high priority risks are identified and resources are allocated according to business priority.


image015

Establish an Information Security Management System (ISMS)


A business-aligned ISMS is an essential vehicle to implement the necessary information security controls, in order to address risks identified in the health check phase.

ISMS: PLAN Phase

Review of ISMS and current state of documents:

  • Validate the scope – Ensure that the ISMS scope supports business objectives, audit, compliance, risk, governance & technology requirements.
  • ISMS Gap Analysis – Identify and ensure that key information assets are protected.
  • Policy Management – Review and update relevant information security policies and standards.
  • Information Risk Management – Review information risk assessment methodology.

ISMS: DO Phase

Ensure that vital building blocks are in place when implementing the ISMS:

  • ISMS Scope.
  • ISMS Manual.
  • Risk Management.
  • Business Impact Analysis.
  • Statement of Applicability.
  • Awareness & Training Programme – Design a skills transfer programme to ensure sustainability of the programme.
  • Incident Management – Review incident management requirements.
  • Management Review of ISMS – Ensure that adequate senior management review sessions are taking place.

ISMS: CHECK and ACT Phase

Review and improve the ISMS:

  • ISMS Internal Audit – Ensure an internal audit review of the ISMS against ISO27001:2013
  • Determine organisation’s appetite for ISO27001:2013 certification. If so assist with stage 1 /2 Audit – Finalise logistics with external auditor for stage 1 audit.

 

image017


Simulated Red and Blue Team Exercises


Wolfpack offers a full information and cybersecurity risk assessment testing programme. This helps to protect clients against evolving cybersecurity threats and advanced persistent threat (APT) attacks.

The full portfolio of solutions assesses cyber threats, understands defensive capabilities and actively tests an organisation’s battle readiness. Various simulated attacks such as phishing, social engineering and vulnerability scanning are carried out. These assessment services help organisations to understand risks. They can then take immediate action to strengthen information and cybersecurity defences, as well as processes and procedures.



image019

Information Security and Privacy Incident Management


Information security policies or controls is not sufficient on their own. They will not guarantee complete protection of information, information systems, services or networks. After controls have been implemented, residual vulnerabilities are likely to remain. These vulnerabilities can weaken information security and facilitate  information security incidents. It can potentially have a negative impact on an organisation’s business operations. Furthermore, new incidents of previously unidentified threats is inevitable.

Insufficient preparation by an organisation to deal with such incidents will make any response less effective. Therefore, any organisation desiring a strong information risk management programme has to have a structured and planned approach to:

 

  • Detect, report and assess information security incidents.
  • Respond to information security incidents, including the activation of appropriate controls to prevent, reduce, and recover from impacts.
  • Report information security vulnerabilities, so they can be assessed and dealt with appropriately.
  • Learn from information security incidents and vulnerabilities, institute preventive controls, and make improvements to the overall approach to information security incident management.

image021

Wolfpack offers a full information security & privacy incident management approach based on ISO 27035 along with on-site training to assist organisations to mitigate the impact of incidents in their environment.


Monitor


The Wolfpack Monitoring platform provides five essential security capabilities in a single managed service. Understanding the sensitive nature of IT environments, we include active, passive and host-based technologies so that you can maintain the requirements of your particular environment.

“Connecting your organisation to the Internet makes it vulnerable to the full spectrum of global threats. Without constant monitoring you have no way of knowing where you have been compromised!”

Asset Discovery

  • Active Network Scanning.
  • Passive Network Monitoring.
  • Asset Inventory.
  • Software Inventory.

Vulnerability Assessment

  • Network Vulnerability Testing.
  • Continuous Vulnerability Monitoring.

Threat Detection

  • Network Intrusion Detection System (IDS).
  • Host IDS.
  • File Integrity Monitoring (FIM).

Behavioural Monitoring

  • Netflow Analysis.
  • Service Availability Monitoring.
  • Full packet capture.

Security Intelligence

  • Log Management.
  • Event Correlation.
  • Incident Response.
  • Reporting and Alarms.

Please contact us for more information


Screen Shot 2016-05-27 at 2.40.40 PM